Release Notes

Please find following changes that affect the core Lakekeeper library crate. For more information, please also check our Github Releases.

Changelog

0.8.1 (2025-04-13)

Features

• Add Protection for Tables, Views, Namespaces and Warehouses (fa8c678)
• Add recursive & force deletes (fa8c678)
• Azure Managed Identities (#999) (faee35e)
• Best-Effort checks on unique Warehouse Locations within Projects (#996) (b571947)
• Faster Storage Profile validation (#989) (8278c5f)
• Recursive Deletes and Force Deletes (#891) (9762d52)
• Support for GCP Managed Identities (#1009) (9a8d36e)
• Support WASBS locations for ADLS (#1010) (008064a)

Bug Fixes

• Missing Endpoints in Endpoint Statistic (76bf004)
• Properly deprecate /default-project endpoints. Use /project instead. (76bf004)
• undercount table counts in statistics / can't drop table (#990) (ba3dda0)

Miscellaneous Chores

• release 0.8.1 (0c66884)

0.8.0 (2025-04-08)

⚠ BREAKING CHANGES

• drop duplicate sequence numbers in table snapshots & add index (#952)
• Move APIs affecting the default project to /default-project according to OpenAPI spec (#878)
• Remove project_id from RenameProjectRequest. Use /v1/project/{project_id}/rename instead.
• Change Project ID type from UUID to String (alphanumeric + hyphen + underscore)

Features

• Accept nameless Application Clients for self-provisioning (Missing app_displayname in Entra-ID token) (#970) (f880c91)
• Add information about AWS System Identities for S3 storage profiles to Server Info (#972) (5b6aefc)
• add kafka support #271 (#937) (1fa2f09)
• Add support for legacy Kubernetes tokens (no audience) (#940) (e7daf01)
• AWS / S3 Managed Identities (#965) (7490047)
• Change Project ID type from UUID to String (alphanumeric + hyphen + underscore) (984381b)
• Migrate to OpenFGA Client (#876) (72ebee4)
• Re-add constraints for string project IDs (#960) (44b6248)
• Remove project_id from RenameProjectRequest. Use /v1/project/{project_id}/rename instead. (984381b)
• s3: make url-style detection configurable (#905) (69234fe)
• Split OpenFGA Model into components (#881) (e3b658b)
• stats: Endpoint call statistics (#818) (bf7bcde)
• view: allow view location updates for trino (#944) (0628fa8)

Bug Fixes

• Consistency checks for READ Committed transaction level (#975) (6b852dd)
• drop duplicate sequence numbers in table snapshots & add index (#952) (abb4882)
• Endpoint Statistics API, Consistently use kebab-case in API (#968) (5568a9d)
• error message if rename target namespace does not exist (8b60142)
• Move APIs affecting the default project to /default-project according to OpenAPI spec (#878) (fa4b26a)
• set method of endpoint statistics get to post (#951) (329f63d)
• stats: unique constraint violation on warehouse deletion (#977) (af66510)
• Table References not deleted (#956) (2ee3ac1)
• table snapshot refs with add+remove+set-current ref in one transaction (#945) (94da715)
• use correct image for kube auth test (#979) (a077d2d)
• views: set 404 instead of 403 on failed view deletion (#963) (d5c4cd6)

Miscellaneous Chores

• release 0.8.0 (f1b8083)

0.7.4 (2025-03-20)

Features

• az: support azure shared keys (#912) (e85bd91)
• configurable bind ip address (#922) (e545a26)

Bug Fixes

• add log lines to determine if not found or action forbidden (#895) (66d1d05)
• az: relax sas token start time (#898) (45eb878)
• dropping S3 table does not accidentally delete sibling folders with same prefix anymore (#923) (39f60f4)
• forward sts role arn to s3-compatible storages when specified (#889) (bd4795a)

Miscellaneous Chores

• release 0.7.4 (e51010a)

0.7.3 (2025-03-04)

Features

• add EnumString to Catalog{resource}Action (efeb311)

Miscellaneous Chores

• release 0.7.3 (630ee3a)

0.7.2 (2025-02-27)

Bug Fixes

• Authenticator order (OIDC before K8s), add K8s Authenticator Audiences (#864) (b894ba5)

Miscellaneous Chores

• release 0.7.2 (b4c77ac)

0.7.1 (2025-02-26)

Features

• Re-Export RequestMetadata under api (#850) (5a22149)

Bug Fixes

• Client Credential Authentication for OpenFGA, allow to configure Scopes (#863) (720053b)
• more logging in validate warehouse (#860) (efc9eda)

Miscellaneous Chores

• release 0.7.1 (05938cd)

0.7.0 (2025-02-24)

Features

• Add Opt-In to S3 Variant prefixes (s3a, s3n) (#821) (b85b724)
• collect warehouse statistics (#811) (063066c)
• emit CloudEvent on undropTabulars #572 (#803) (9dd431a)
• Migrate Authentication to Limes, Support Unlimited Authenticators, Customizable Authentication (b72852d)
• tasks: add unit to poll interval config (#829) (c0edafa)
• use x-forwarded-for/host headers to generate links (#834) (89c0f8a)

Bug Fixes

• deps: update rust crate rand to 0.9.0 (#785) (b9952de)
• HEAD Namespace missing in supported endpoints (#847) (f3e43fe)
• parsing of pg sslmode should be case-insensitive (#802) (1e3d001)
• s3: set path style access in s3 file_io (#796) (33e690f)

Miscellaneous Chores

• release 0.7.0 (491940b)

0.6.2 (2025-01-30)

Features

• Scope validation (#790) (65e664f)

Miscellaneous Chores

• release 0.6.2 (0c7e181)

0.6.1 (2025-01-27)

Features

• expose cloud-events tracing publisher on cli (#747) (798e85d)
• Register table endpoint (#775) (4b88f73)

Bug Fixes

• clippy & pin rust version (#758) (0899d4c)
• Table locations with same prefix (#780) (39eb3d2)
• test: use 0.3.0 for kube-auth test & fix pyiceberg aws tests (#767) (e6b7b9c)

Performance Improvements

• optimize load_table by refine SQL (#784) (2b87915)

Miscellaneous Chores

• release 0.6.1 (a17f5c4)

0.6.0 (2025-01-07)

Features

• Check Endpoint for single permissions (#706) (6a149a6)
• Lakekeeper Open Policy Agent Bridge with trino support (3735742)
• tests: run integration tests with iceberg versions: 1.5.2, 1.6.1, 1.7.1 (3f3b5ad)
• Update Lakekeeper UI to 0.4.0 (3735742)

Bug Fixes

• credentials configs are never empty but are either null or an empty list (3f3b5ad)
• Default to purge drop for managed tables (#712) (676d995)
• Enable openfga integration tests (3735742)
• files of deleted tables not deleted for ADLS (#715) (d81677f)
• return proper error codes for invalid writes and reads of permission tuples (#727) (96c2d5e)
• use correct list of supported endpoints (3f3b5ad)

0.5.2 (2024-12-17)

Features

• Support for Statistic Files (1e4fa38)
• tables: load table credentials (#675) (9fd272e)

Bug Fixes

• Make BASE_URI trailing slash insensitive (#681) (4799ea7)
• Snapshots without schema (1e4fa38)

Miscellaneous Chores

• release 0.5.2 (c5774b2)

0.5.1 (2024-12-12)

Features

• openapi: document error models in openapi (#658) (2a67196)
• undrop (#517) (658e757)

Bug Fixes

• allow mixed-case properties (#660) (f435573)
• potential deadlock for views through uncommitted transactions (#638) (0dda8e3)
• potential deadlock in load-table (#636) (c22b0e0)
• remove unused relation from openfga schema (#659) (764ca5b)
• tokens of humans are wrongly identified as applications if "appid" claim is present (#647) (bc6b475)

Miscellaneous Chores

• release 0.5.1 (f8aa87c)

0.5.0 (2024-12-06)

⚠ BREAKING CHANGES

• Rename S3 minio flavor to s3-compat (#630)
• Change default port from 8080 to 8181
• Default to single-tenant / single-project with NIL Project-ID

Features

• Add iceberg openapi to swagger (#431) (bb3d12f)
• Add Iceberg REST Spec to swagger (2eaa10e)
• add kafka support #271 (#340) (7973586)
• Add namespace_id filter to list deleted tabulars (#443) (cc82736)
• Add operator role (#543) (bcddb60)
• Allow configuration of additional Issuer URLs (b712cf0)
• Allow configuration of multiple Audiences (b712cf0)
• Change default port from 8080 to 8181 (b712cf0)
• Create default Project on Bootstrap (2eaa10e)
• Default to hard deletion (#507) (5d794aa)
• Default to single-tenant / single-project with NIL Project-ID (2eaa10e)
• docs (#605) (c1d2348)
• Embedded UI (#622) (332f3b8)
• Enable K8s Auth explicitly (#594) (3773141)
• Extend user search to email field (#477) (9f9f42b)
• Fine Grained Access Controls with OpenFGA (2eaa10e)
• Generated TS Client (#453) (24bfccf)
• Hierarchical Namespaces (2eaa10e)
• improve latency against aws by reusing http clients (#540) (8c384f7)
• OIDC Audience validation (#607) (052bb3f)
• Optionally return uuids for Iceberg APIs (2eaa10e)
• pagination without empty pages (#450) (c88a59d)
• Project Management APIs (2eaa10e)
• Provide inherited managed access via API (#619) (e7b0394)
• Rename S3 minio flavor to s3-compat (#630) (acb7419)
• Server Info Endpoint (2eaa10e)
• split table metadata into tables (#478) (942fa97)
• support kubernetes service-accounts (#538) (2982210)

Bug Fixes

• aws s3 signer (#493) (b7ad8f4)
• aws: deal with closed connections via retries (#569) (bbda2c4)
• azure connection reset (#553) (5d4b041)
• Bootstrap should return HTTP Code 204 (#597) (25d1d4e)
• Delete Namespaces with children should not be possible (#482) (7ffd864)
• flaky aws tests (#545) (f4d46b2)
• Include Deletion Profile in GetWarehouseResponse (#514) (54a6420)
• List Namespaces - Top level NS list should only contain top level Namespaces (#512) (795d4f0)
• list-projects for non admins (#546) (d0066b8)
• management: deleted tabulars endpoint should not contain underscore (#556) (b15a8fe)
• only log table load failed when it actually happened (#626) (be5f58c)
• openapi: Fix Soft-Deletion expiration seconds type (#509) (322a1a0)
• pagination (#604) (0be19ed)
• permissions API Parameters (#516) (5133752)
• prepend a version count to metadata files (#524) (0d9d06f)
• recreate user (#599) (1194cb0)
• run metrics router (#628) (f6b47e5)
• set pool idle timeout to <20 not keepalive timeout (#551) (2ae5b8d)
• tests: give openfga a bit of time to delete things (#557) (71daf6f)
• tests: use a shared runtime for tests that share a static reqwest client (#555) (90c6880)
• Warehouse managed-access in openapi spec (#610) (c860506)
• WarehouseAdmin renamed to DataAdmin (#515) (7ec4c01)

Miscellaneous Chores

• release 0.5.0 (b1b2ee6)

0.4.3 (2024-11-13)

Bug Fixes

• aws s3 signer (#493) (dea4a57)

Miscellaneous Chores

• release 0.4.3 (e577ab2)

0.4.2 (2024-10-28)

Features

• enable native-tls-root-certs (af26004)
• improve azure latency by reusing http clients (af26004)

Miscellaneous Chores

• release 0.4.2 (1d8c469)

0.4.1 (2024-10-15)

Bug Fixes

• bug in join for listing view representations (d2f1d7a)
• gcs integration test are now running in ci (d2f1d7a)
• increase keycloak timeout in integration tests (d2f1d7a)
• purge tests are now properly executed in ci (d2f1d7a)

0.4.0 (2024-10-03)

⚠ BREAKING CHANGES

• Rename TIP to Lakekeeper (#372)

Features

• cache: cache metadata location in signer (#334) (fa0863c)
• catalog: expiration queue configuration (#330) (fd96861)
• catalog: Soft-deletions & tabular cleanup queues (#310) (1de63b3)
• list soft deletions (#302) (0a01eaf)
• make sure table locations are unique (#335) (543db50)
• New TableMetadataBuilder with: ID Reassignments, Metadata expiry, safe binding... (#387) (e5c1c77)
• Rename TIP to Lakekeeper (#372) (57df07e)
• storage: support for google cloud storage (gcs) (#361) (ebb4e27)
• tabular: soft-delete & drop purge (#287) (475db44)

Bug Fixes

• make conditional compilation of tests depend on var content (#311) (79036db)
• replace pretty debug prints with properly formatted errors (#327) (efe9fe9)

0.3.0 (2024-08-26)

⚠ BREAKING CHANGES

• dots can no longer be used in namespace names (#257)

Features

• Add support for custom Locations for Namespaces & Tables (1d2ac6f)
• aws: sts credentials for s3 (#236) (dbf775b)
• compression-codec: Support setting and altering write.metadata.compression-codec (#235) (f4fb4cb)
• storage: add ability to narrow token permissions (#249) (ba9f046)
• storage: adls (#223) (fd11428)

Bug Fixes

• dots can no longer be used in namespace names (#257) (8ac52e0)
• kv2: extend docs & fix mismatch between docs and expected env values (#224) (be3e3e6)

0.2.1 (2024-07-29)

Features

• db: Add Encryption Secret for postgres SecretStore to README & warn on startup (#217) (933409d)
• secrets: Secret Backend configuration is now case insensitive (#215) (99b19ab)

Bug Fixes

• examples: Fix ICEBERG_REST__BASE_URI (33f213b)
• s3signing: Add S3 remote signing "content-md5" for pyiceberg compatability (33f213b)

Miscellaneous Chores

• release 0.2.1 (587ea12)

0.2.0 (2024-07-26)

⚠ BREAKING CHANGES

• Catalog base URL should not contain /catalog suffix (#208)
• views: split off tabular from table to prepare for views

Features

• health: Service health checks (#181) (3bf4d4c)
• pagination: add pagination for namespaces & tables & views (#186) (37b1dbd)
• prometheus: add prometheus axum metrics (#185) (d60d84a)
• secrets: add support for kv2 secret storage (#192) (a86b13c)
• server: make listenport configurable (#183) (9ffe0c2)
• views: authz interface for views & view-ident resolve (#141) (c5e1f99)
• views: commit views (#146) (0f6310b)
• views: create + load view (#142) (328cf33)
• views: exists (#149) (fdb5013)
• views: list-views (5917a5e)
• views: rename views (#148) (4aaaa7d)
• views: split off tabular from table to prepare for views (f62b329)

Bug Fixes

• Catalog base URL should not contain /catalog suffix (#208) (6aabaa9)
• db: add wait-for-db command (#196) (c1cd069)
• remove unused cfg-attributes (#203) (b6d17c4)
• tables: deny "write.metadata" & "write.data.path" table properties (#197) (4b2191e)

0.1.0 (2024-06-17)

Miscellaneous Chores

• 🚀 Release 0.1.0 (a5def9a)

0.1.0-rc3 (2024-06-17)

Miscellaneous Chores

• 🚀 Release 0.1.0-rc3 (9b0d219)

0.1.0-rc2 (2024-06-17)

Bug Fixes

• add view router (#116) (0745cc8)

Miscellaneous Chores

• 🚀 Release 0.1.0-rc2 (9bc25ef)

0.1.0-rc1 (2024-06-16)

Miscellaneous Chores

• 🚀 Release 0.1.0-rc1 (ba6e5d5)

0.0.2-rc1 (2024-06-16)

Miscellaneous Chores

• 🚀 Release 0.0.2-rc1 (eb34b9c)

0.0.1 (2024-06-15)

Miscellaneous Chores

• 🚀 Release 0.0.1 (c52ddec)